[cas-user] Example Perl client for CAS RESTful API

Thu, 06 May 2010 11:33:58 -0700 

Hi,

Here's my working example of a Perl client for the CAS RESTful API. You
might wonder why I'm returning a hashref, it's because I output it as
JSON (this is part of a Dancer.pm application) and serialization is
automatic this way. I'd be glad to add this to the Wiki if it adds value
to the documentation.

  #!/usr/bin/env perl

  # you might want to use Data::Dumper; and Dumper instead of return
  # just for looking at what is being returned here.

  # full URI to the base path for REST calls
  my $cas = 'https://cas:8443/cas/v1';

  # username == password, works with the simple handler
  my $username = 'john';
  my $password = 'john';

  # at this point google must be tired of receiving my test STs :)
  my $service = 'http://google.com/';

  use LWP::UserAgent;
  my $ua = LWP::UserAgent->new;

  # we need a cookie jar
  use HTTP::Cookies;
  $ua->cookie_jar(HTTP::Cookies->new(file => "/tmp/.cookies.txt"));

  # Get the TGT.
  my $response = $ua->post( $cas . '/tickets',
                            { username => $username,
                              password => $password });
  return { 'error' => $response->status_line } unless
  $response->is_success;

  # The TGT is somewhere inside Location, but it's fine...
  # we just need to call this Location with a 'service' parameter
  # to get a valid ST -- we're already authenticated.
  $response = $ua->post( $response->header('Location'),
                         { service => $service },
                       );
  return { 'error' => $response->status_line } unless
  $response->is_success;

  # The ST is back inside the content of the response.
  my $st = $response->decoded_content;

  # We can now go to the service with this ticket.
  $response = $ua->get( $service . '?ticket=' . $st ); # TIMTOWTDI
  return { 'error' => $response->status_line } unless
  $response->is_success;

  # MOD_AUTH_CAS cookie is on the last response's request
  # and also on the cookie jar BTW
  return { 'cookie' => $response->request->header('cookie') };

  undef $ua; undef $response; # ... more housekeeping.

  # TGT is lost. It's up to the developer how to handle this cookie
  # which will grant access to a mod_auth_cas secured resource.

HTH,

-- 
José Miguel Parrella Romero (bureado.com.ve)          PGP: 0×88D4B7DF
Debian Developer                                Caracas, VE/Quito, EC

-- 
You are currently subscribed to [email protected] as: 
[email protected]
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user

Reply via email to